rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Do a better job of cleaning up old policy files, trigger relabel of /home on upgrade to F19

Browse Source
This commit is contained in:
Dan Walsh 2013-01-28 15:36:16 -05:00
parent a09a7deb16
commit b59d07ae28
1 changed files with 4 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
selinux-policy.spec
View File

@ -57,7 +57,6 @@ Url: http://oss.tresys.com/repos/refpolicy/
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildArch: noarch BuildArch: noarch
BuildRequires: python gawk checkpolicy >= %{CHECKPOLICYVER} m4 policycoreutils-devel >= %{POLICYCOREUTILSVER} bzip2 BuildRequires: python gawk checkpolicy >= %{CHECKPOLICYVER} m4 policycoreutils-devel >= %{POLICYCOREUTILSVER} bzip2
Requires: selinux-policy-filesystem
Requires(pre): policycoreutils >= %{POLICYCOREUTILSVER} Requires(pre): policycoreutils >= %{POLICYCOREUTILSVER}
Requires(post): /bin/awk /usr/bin/sha512sum Requires(post): /bin/awk /usr/bin/sha512sum
@ -68,20 +67,11 @@ SELinux Base package
%defattr(-,root,root,-) %defattr(-,root,root,-)
%dir %{_usr}/share/selinux %dir %{_usr}/share/selinux
%dir %{_usr}/share/selinux/packages %dir %{_usr}/share/selinux/packages
%dir %{_sysconfdir}/selinux
%ghost %config(noreplace) %{_sysconfdir}/selinux/config %ghost %config(noreplace) %{_sysconfdir}/selinux/config
%ghost %{_sysconfdir}/sysconfig/selinux %ghost %{_sysconfdir}/sysconfig/selinux
%{_usr}/lib/tmpfiles.d/selinux-policy.conf %{_usr}/lib/tmpfiles.d/selinux-policy.conf
%package filesystem
Summary: SELinux policy filesystem
Group: System Environment/Base
%description filesystem
SELinux policy filesytem
%files filesystem
%dir %{_sysconfdir}/selinux
%package devel %package devel
Summary: SELinux policy devel Summary: SELinux policy devel
Group: System Environment/Base Group: System Environment/Base
@ -262,17 +252,14 @@ fi;
. %{_sysconfdir}/selinux/config; \ . %{_sysconfdir}/selinux/config; \
if [ -e /etc/selinux/%2/.rebuild ]; then \ if [ -e /etc/selinux/%2/.rebuild ]; then \
rm /etc/selinux/%2/.rebuild; \ rm /etc/selinux/%2/.rebuild; \
(cd /etc/selinux/%2/modules/active/modules; rm -f gnomeclock.pp ctdbd.pp fcoemon.pp isnsd.pp l2tpd.pp qemu.pp nsplugin.pp razor.pp pyzord.pp phpfpm.pp hotplug.pp consoletype.pp kudzu.pp howl.pp) \ (cd /etc/selinux/%2/modules/active/modules; rm -f gnomeclock.pp matahari.pp xfs.pp kudzu.pp kerneloops.pp execmem.pp openoffice.pp ada.pp tzdata.pp hal.pp hotplug.pp howl.pp java.pp mono.pp moilscanner.pp gamin.pp audio_entropy.pp audioentropy.pp iscsid.pp polkit_auth.pp polkit.pp rtkit_daemon.pp ModemManager.pp telepathysofiasip.pp ethereal.pp passanger.pp qpidd.pp pyzor.pp razor.pp pki-selinux.pp phpfpm.pp consoletype.pp ctdbd.pp fcoemon.pp isnsd.pp l2tp.pp ) \
if [ %1 -ne 1 ]; then \
/usr/sbin/semodule -n -s %2 -r gnomeclock matahari xfs kudzu kerneloops execmem openoffice ada tzdata hal hotplug howl java mono moilscanner gamin audio_entropy audioentropy iscsid polkit_auth polkit rtkit_daemon ModemManager telepathysofiasip ethereal passanger qpidd pyzor razor pki-selinux phpfpm consoletype ctdbd fcoemon isnsd l2tp 2>/dev/null; \
fi \
/usr/sbin/semodule -B -n -s %2; \ /usr/sbin/semodule -B -n -s %2; \
else \ else \
touch /etc/selinux/%2/modules/active/modules/sandbox.disabled \ touch /etc/selinux/%2/modules/active/modules/sandbox.disabled \
fi; \ fi; \
[ "${SELINUXTYPE}" == "%2" ] && selinuxenabled && load_policy; \ [ "${SELINUXTYPE}" == "%2" ] && selinuxenabled && load_policy; \
if [ %1 -eq 1 ]; then \ if [ %1 -eq 1 ]; then \
/sbin/restorecon -R /root /var/log /var/run 2> /dev/null; \ /sbin/restorecon -R /root /var/log /run 2> /dev/null; \
else \ else \
%relabel %2 \ %relabel %2 \
fi; fi;
@ -434,7 +421,7 @@ SELinux Reference policy targeted base module.
%postInstall $1 targeted %postInstall $1 targeted
exit 0 exit 0
%triggerpostun targeted -- selinux-policy-targeted < 3.11.0-1.fc18 %triggerpostun targeted -- selinux-policy-targeted < selinux-policy-3.12.1-7.fc19
restorecon -R -p /home restorecon -R -p /home
exit 0 exit 0